RegCleanPro, Delta-Search, BitGuard -- Tried to remove... no luck

Hi. Working on a computer for a friend. I'm not sure if it's really full on virus/trojan/malware or if it's just really difficult to remove. All I've done so far is run HitmanPro twice. It found a lot of stuff and removed it the first time. About 9 entries were trojans/riskware/etc. The second time I ran it, it found only one virus (BitGuard.dll). The computer is UNBELIEVABLY slow and it shouldn't be based on it's specs. I used it a few months ago and it's performance was normal. Here's my DDS log to get started. Please let me know what's next. THANK YOU!!

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16686  BrowserJavaVersion: 10.25.2
Run by Owner at 14:25:53 on 2013-09-19
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3932.3305 [GMT -4:00]
.
AV: Microsoft Security Essentials Prerelease *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials Prerelease *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\systempropertiesremote.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TidyNetwork.com: {7736C7FA-512D-11E2-B871-DEC36088709B} - C:\Users\Owner\AppData\Local\TidyNetwork.com\tidy2ie.dll
BHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Owner\AppData\Local\DefineExt\temp.dat
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.2
TCP: Interfaces\{F1AAC217-E342-4BCD-B559-3BFB63A2AAEC} : DHCPNameServer = 10.0.0.2
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
AppInit_DLLs= c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [picon] "C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe" -startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ditm8wqa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3309350&CUI=UN24822878988143265&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=C02C0024E820B956&affID=122786&tt=110913_221&tsp=5002
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3309350&SearchSource=2&CUI=UN24822878988143265&UM=2&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-09-03 00:00; umylsm@sqhjcpzmeselzlp.org; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ditm8wqa.default\extensions\umylsm@sqhjcpzmeselzlp.org
FF - ExtSQL: 2013-09-03 15:51; tidynetwork@tidynetwork; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ditm8wqa.default\extensions\tidynetwork@tidynetwork
FF - ExtSQL: 2013-09-03 15:52; {650598e1-b35a-45d3-b607-896d7acb64c3}; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ditm8wqa.default\extensions\{650598e1-b35a-45d3-b607-896d7acb64c3}
FF - ExtSQL: 2013-09-11 15:49; ffxtlbr@delta.com; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ditm8wqa.default\extensions\ffxtlbr@delta.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - c02c4b1b0000000000000024e820b956
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15959
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.615:49:40
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=122786&tt=110913_221&tsp=5002
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k60x64.sys [2009-6-10 220672]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-9-17 56344]
S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-8-28 250352]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2013-9-19 32512]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-18 25928]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
.
=============== Created Last 30 ================
.
2013-09-19 17:50:24      32512      ----a-w-      C:\Windows\System32\drivers\hitmanpro37.sys
2013-09-18 22:35:44      --------      d-----w-      C:\Users\Owner\AppData\Roaming\Malwarebytes
2013-09-18 22:35:16      --------      d-----w-      C:\ProgramData\Malwarebytes
2013-09-18 22:35:08      25928      ----a-w-      C:\Windows\System32\drivers\mbam.sys
2013-09-18 22:35:07      --------      d-----w-      C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 22:34:50      --------      d-----w-      C:\Users\Owner\AppData\Local\Programs
2013-09-18 22:32:09      --------      d-----w-      C:\Windows\pss
2013-09-18 21:21:17      --------      d-----w-      C:\ProgramData\HitmanPro
2013-09-18 17:18:50      9694160      ----a-w-      C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C4E423AC-3C49-438E-99E9-306C76CB2E91}\mpengine.dll
2013-09-16 17:22:12      9694160      ----a-w-      C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-14 23:34:24      --------      d-----w-      C:\ProgramData\BitGuard
2013-09-12 15:50:48      155584      ----a-w-      C:\Windows\System32\drivers\ataport.sys
2013-09-12 15:47:19      --------      d-----w-      C:\Users\Owner\AppData\Local\avgchrome
2013-09-12 15:38:12      --------      d-----w-      C:\ProgramData\Systweak
2013-09-12 15:38:09      16896      ----a-w-      C:\Windows\System32\sasnative64.exe
2013-09-12 15:38:09      --------      d-----w-      C:\Program Files (x86)\Advanced System Protector
2013-09-11 19:49:40      --------      d-----w-      C:\Users\Owner\AppData\Roaming\Systweak
2013-09-11 19:49:38      --------      d-----w-      C:\Program Files (x86)\Delta
2013-09-11 19:49:37      19368      ----a-w-      C:\Windows\System32\roboot64.exe
2013-09-11 19:49:33      --------      d-----w-      C:\Users\Owner\AppData\Roaming\Delta
2013-09-11 19:49:29      --------      d-----w-      C:\Program Files (x86)\RegClean Pro
2013-09-11 19:49:02      --------      d-----w-      C:\Users\Owner\AppData\Roaming\BabSolution
2013-09-11 19:49:02      --------      d-----w-      C:\ProgramData\DSearchLink
2013-09-11 19:48:46      --------      d-----w-      C:\ProgramData\Babylon
2013-09-07 18:13:45      965008      ------w-      C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7DF6B888-BCA6-4906-B175-20A332AF1717}\gapaengine.dll
2013-09-03 19:52:11      --------      d-----w-      C:\Users\Owner\AppData\Local\WeatherBug
2013-09-03 19:52:10      --------      d-----w-      C:\Users\Owner\AppData\Roaming\WeatherBug
2013-09-03 19:52:08      --------      d-----w-      C:\Program Files (x86)\AWS
2013-09-03 19:51:25      --------      d-----w-      C:\Users\Owner\AppData\Local\DefineExt
2013-09-03 19:51:17      --------      d-----w-      C:\Users\Owner\AppData\Local\TidyNetwork.com
2013-08-28 20:35:00      250352      ----a-w-      C:\Windows\System32\drivers\MpFilter.sys
.
==================== Find3M  ====================
.
2013-09-19 17:43:33      71048      ----a-w-      C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-19 17:43:33      692616      ----a-w-      C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-28 20:35:02      139616      ----a-w-      C:\Windows\System32\drivers\NisDrvWFP.sys
2013-08-10 05:22:18      2241024      ----a-w-      C:\Windows\System32\wininet.dll
2013-08-10 05:20:59      3959296      ----a-w-      C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55      67072      ----a-w-      C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55      136704      ----a-w-      C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10      1767936      ----a-w-      C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09      2876928      ----a-w-      C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06      61440      ----a-w-      C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06      109056      ----a-w-      C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38      2706432      ----a-w-      C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50      2706432      ----a-w-      C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59      89600      ----a-w-      C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19      71680      ----a-w-      C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43      3155456      ----a-w-      C:\Windows\System32\win32k.sys
2013-08-02 02:23:53      5550528      ----a-w-      C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44      1732032      ----a-w-      C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03      362496      ----a-w-      C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03      243712      ----a-w-      C:\Windows\System32\wow64.dll
2013-08-02 02:15:03      13312      ----a-w-      C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57      215040      ----a-w-      C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11      16384      ----a-w-      C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34      424448      ----a-w-      C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30      3968960      ----a-w-      C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30      3913664      ----a-w-      C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23      1292192      ----a-w-      C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42      5120      ----a-w-      C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42      274944      ----a-w-      C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17      338432      ----a-w-      C:\Windows\System32\conhost.exe
2013-08-02 00:59:09      112640      ----a-w-      C:\Windows\System32\smss.exe
2013-08-02 00:45:37      25600      ----a-w-      C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36      14336      ----a-w-      C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35      7680      ----a-w-      C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34      2048      ----a-w-      C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05      6144      ---ha-w-      C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05      4608      ---ha-w-      C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05      3584      ---ha-w-      C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05      3072      ---ha-w-      C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-29 16:39:40      96168      ----a-w-      C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-29 16:39:37      867240      ----a-w-      C:\Windows\SysWow64\npDeployJava1.dll
2013-07-29 16:39:37      789416      ----a-w-      C:\Windows\SysWow64\deployJava1.dll
2013-07-25 09:25:54      1888768      ----a-w-      C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27      1620992      ----a-w-      C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42      2048      ----a-w-      C:\Windows\System32\tzres.dll
2013-07-19 01:41:01      2048      ----a-w-      C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52      224256      ----a-w-      C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16      1217024      ----a-w-      C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20      184320      ----a-w-      C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20      1472512      ----a-w-      C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20      139776      ----a-w-      C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33      663552      ----a-w-      C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10      175104      ----a-w-      C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31      140288      ----a-w-      C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31      1166848      ----a-w-      C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31      103936      ----a-w-      C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53      1910208      ----a-w-      C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 14:32:42.10 ===============
attach.zip
jpfultonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nick RhodeIT DirectorCommented:
Its probably one of those nasty malware that downloads and installs all that garbage on your system so the system being slow is because its pulling that software back down.  Typical guide I use is the following:

Perform a System Restore: Boot up in safe mode with command prompt.

Type rstrui.exe and restore your computer to a few days ago.

Then do the following:

Download these tools

CCleaner: http://www.filehippo.com/download_ccleaner/
TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
RogueKiller: http://www.bleepingcomputer.com/download/roguekiller/
Adwcleaner: http://www.bleepingcomputer.com/download/adwcleaner/
Malwarebytes: http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

And run them in that order:

1) TDSSKiller
2) RogueKiller (scan, fix host, fix proxy, fix dns)
3) Adwcleaner: (Scan, Clean)
4) Malwarebytes: (download all updates and run a full scan)
5) CCleaner

If you have trouble since some viruses cannot be detected in Windows (Boot Sector) you can use this (http://www.avg.com/eu-en/download.prd-arl). Boot from CD, scan, delete viruses, reboot. **Thanks to Kimputer**
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Sudeep SharmaTechnical DesignerCommented:
@jpfulton,

I would suggest you scan the system with only following tools and post the logs.

Make sure you DO NOT REBOOT the system after running tools in point 1 & 2.

1. RogueKiller/TheKiller
2. MalwareBytes
3. TDSSKIller

I would also recommend you to go through the articles from Younghv and RPG for the links of the tools and for the future reference

Basic Malware Troubleshooting
http://www.experts-exchange.com/A_1940.html

Rogue-Killer-What-a-great-name
http://www.experts-exchange.com/A_4922.html

Stop-the-Bleeding-First-Aid-for-Malware
http://www.experts-exchange.com/A_5124.html

Run MalwareBytes in Quick Mode and if that required reboot, then reboot the system and run tools mentioned in point 1 and 2 but this time run MalwareBytes in Full Systen Scan.

So in your next reply post the RogueKiller logs, MBAM logs and TDSSKIller Logs

Sudeep
0
jpfultonAuthor Commented:
Awarding points to both because I used the tools mentioned in both posts. Computer appears to be squeeky clean now and performance is 100% back.
0
Sudeep SharmaTechnical DesignerCommented:
Just make sure that shortcuts of browsers doesn't have the links to any of these.

Sudeep
0
jpfultonAuthor Commented:
Thank you for the tip. I'll check for that in a little bit.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.